For proxied services, the proxy (e.g., squid) server on the other end of the ssh tunnel will be making the DNS requests.
If you want to be fastidious enough to hide the DNS for un-proxied services, you'll probably also want to have a firewall blocking and logging most outgoing non-tunneled services so you can identify them and configure the clients and proxy appropriately.
If you want to be fastidious enough to hide the DNS for un-proxied services, you'll probably also want to have a firewall blocking and logging most outgoing non-tunneled services so you can identify them and configure the clients and proxy appropriately.